Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/lZLKiZE2Z1DN_mDB_iFsL3ciblI.roa
File: lZLKiZE2Z1DN_mDB_iFsL3ciblI.roa (raw, json)
Hash identifier: o/dOeEFtEFemTSpY8+6cke3oUBk7URz5tU76ukonHKA=
Subject key identifier: 95:92:CA:89:91:36:67:50:CD:FE:60:C1:FE:21:6C:2F:77:22:6E:52
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 01940970DD08719262EA5DF0127FB50A8FEE
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/lZLKiZE2Z1DN_mDB_iFsL3ciblI.roa
Signing time: Fri 27 Dec 2024 18:46:19 +0000
ROA not before: Fri 27 Dec 2024 18:46:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216246
IP address blocks: 103.71.22.0/24 maxlen: 24
103.71.23.0/24 maxlen: 24
103.249.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:09:70:dd:08:71:92:62:ea:5d:f0:12:7f:b5:0a:8f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Dec 27 18:46:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9592ca8991366750cdfe60c1fe216c2f77226e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ce:b4:b0:c0:95:b1:3b:55:bc:06:52:8f:2f:
20:0c:88:51:af:8c:5d:42:16:de:75:0f:ce:73:fb:
90:2e:76:0a:2a:69:61:7a:44:0c:18:9f:b5:f7:7a:
44:b8:ac:47:08:9c:3a:ae:a6:fb:2f:c2:10:1a:c0:
b5:8e:35:93:28:09:64:71:eb:66:56:ed:04:af:24:
59:13:53:e8:e5:02:1c:06:17:04:1c:a3:4a:ec:cb:
d2:75:00:c6:ba:16:bc:15:4b:2f:46:6d:9a:98:95:
dc:30:e1:d5:71:57:ec:85:a0:d8:c4:fd:4e:51:cd:
b1:d2:e8:1f:eb:90:87:0e:b9:9a:3d:39:0c:4b:23:
57:de:71:68:ba:34:d6:be:4f:0c:ca:e6:e1:aa:94:
e0:e0:63:5a:ee:68:64:95:af:82:46:dd:8e:84:0d:
0e:a6:f3:92:97:52:c6:90:52:61:61:0b:6f:34:2e:
5b:19:bb:2c:3f:53:a5:76:87:7a:89:30:c5:e6:29:
63:cd:ff:bb:19:df:02:8f:84:97:e6:f1:b6:7e:33:
c1:10:4b:9f:18:8c:25:b1:80:1a:32:0a:b5:ca:17:
d0:2b:10:c6:17:47:05:c6:37:b8:ff:f7:38:12:fd:
23:45:c8:d0:57:1f:57:40:66:35:7f:e5:16:0e:27:
06:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:92:CA:89:91:36:67:50:CD:FE:60:C1:FE:21:6C:2F:77:22:6E:52
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/lZLKiZE2Z1DN_mDB_iFsL3ciblI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.71.22.0/23
103.249.132.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:67:75:c0:e9:30:03:71:ae:b5:9d:6a:bc:e9:76:fd:c7:63:
d3:f4:d9:f8:aa:cb:2b:91:30:c9:a0:09:cf:15:f6:f5:d7:67:
56:59:ef:8a:9b:a2:6d:25:c1:4e:45:8d:3e:4a:03:e7:44:4b:
83:69:01:64:57:38:04:99:24:ba:89:7e:bd:bd:4f:1a:3c:44:
f8:6d:d7:48:02:3c:24:46:5a:39:f1:27:19:07:b2:68:10:49:
9d:a9:ec:13:c7:ec:2e:1e:fe:e7:68:cb:31:a1:39:73:bd:2f:
21:e5:8c:ee:a6:6f:4c:33:ee:fc:c9:50:3b:4d:14:8a:02:01:
ad:91:55:49:38:47:e0:90:3f:3e:e1:38:d6:81:dd:fd:00:f1:
f4:d3:1e:ad:c8:2a:e0:42:5f:94:dc:f0:5f:d2:5d:ba:d7:ed:
db:bf:fe:b6:97:ab:5b:d3:c3:63:dc:45:d4:24:63:40:4c:61:
de:90:57:a3:3f:60:5b:88:3b:bb:8a:4d:58:59:1c:e1:10:a8:
ee:a4:e2:aa:5a:48:6d:3d:ec:ba:09:4b:25:fe:f7:55:d7:c5:
0d:b6:ea:9e:af:0a:09:6c:78:27:5a:9f:be:5e:d9:d8:f1:a5:
f6:f6:70:0e:77:6a:62:84:20:4b:2e:c0:8c:fb:6d:dc:54:3e:
e1:28:d4:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQJcN0IcZJi6l3wEn+1Co/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQxMjI3MTg0NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkyY2E4OTkxMzY2NzUwY2RmZTYwYzFmZTIxNmMyZjc3MjI2ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr860sMCVsTtVvAZSjy8gDIhRr4xd
QhbedQ/Oc/uQLnYKKmlhekQMGJ+193pEuKxHCJw6rqb7L8IQGsC1jjWTKAlkcetm
Vu0EryRZE1Po5QIcBhcEHKNK7MvSdQDGuha8FUsvRm2amJXcMOHVcVfshaDYxP1O
Uc2x0ugf65CHDrmaPTkMSyNX3nFoujTWvk8MyubhqpTg4GNa7mhkla+CRt2OhA0O
pvOSl1LGkFJhYQtvNC5bGbssP1Oldod6iTDF5iljzf+7Gd8Cj4SX5vG2fjPBEEuf
GIwlsYAaMgq1yhfQKxDGF0cFxje4//c4Ev0jRcjQVx9XQGY1f+UWDicGoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJWSyomRNmdQzf5gwf4hbC93Im5SMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvbFpMS2laRTJaMUROX21EQl9pRnNMM2NpYmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBZ0cWAwQC
Z/mEMA0GCSqGSIb3DQEBCwUAA4IBAQChZ3XA6TADca61nWq86Xb9x2PT9Nn4qssr
kTDJoAnPFfb112dWWe+Km6JtJcFORY0+SgPnREuDaQFkVzgEmSS6iX69vU8aPET4
bddIAjwkRlo58ScZB7JoEEmdqewTx+wuHv7naMsxoTlzvS8h5Yzupm9MM+78yVA7
TRSKAgGtkVVJOEfgkD8+4TjWgd39APH00x6tyCrgQl+U3PBf0l261+3bv/62l6tb
08Nj3EXUJGNATGHekFejP2BbiDu7ik1YWRzhEKjupOKqWkhtPey6CUsl/vdV18UN
tuqerwoJbHgnWp++XtnY8aX29nAOd2pihCBLLsCM+23cVD7hKNTw
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:37:49 2025 by rpki-client